
CLAIMS 

What is claimed is: 



1 LA method comprising: 

2 generating an attestation key pair within a platform; and 

3 producing a certificate including a public attestation key to attest that a private 

4 attestation key, corresponding to the public attestation key, is stored in hardware- 

5 protected memory. 

1 2. The method of claim 1 , wherein prior to generating the attestation key 

2 pair, the method further comprises providing the platform including a processor and a 

3 system memory including an isolated area accessible only by the processor running in an 

4 isolated execution mode. 

1 3. The method of claim 1 , wherein the producing of the certificate occurs at 

2 an initial power-on of the platform. 

1 4. The method of claim 2, wherein the producing of the certificate comprises: 

2 booting the platform from code stored in a platform readable medium loaded by 

3 an agent; and 

4 executing an applet running within the isolated area of the system memory to 

5 generate the attestation key pair. 

1 5. The method of claim 4, wherein the producing of the certificate further 

2 comprises encrypting the public attestation key with a private key held by the agent. 
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1 6 The method of claim 1, wherein the producing of the certificate comprises: 

2 encrypting the public attestation key using a private key held by an original 

3 equipment manufacturer of the platform. 

1 7 The method of claim 1 further comprising: 

2 receiving a challenge message from a remotely located platform, the challenge 

3 message including a nonce. 

1 8 The method of claim 7 further comprising: 

2 generating a response message for transmission to the remotely located platform, 

3 the response message including the certificate, the nonce and a hash value of an audit log. 

1 9 The method of claim 8, wherein the nonce and the hash value are signed 

2 with the private attestation key. 

1 10. A platform comprising: 

2 a processor to operate in one of a normal execution mode and an isolated 

3 execution mode; 

4 an input/output control hub in communication with the processor, the input/output 

5 control hub to generate an attestation key pair and to store an audit log being a listing of 

6 data representing a plurality of software modules loaded within the platform. 

1 1 1 The platform of claim 10, wherein the plurality of software modules 

2 include a processor nub and an operating system nub. 
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1 12. The platform of claim 10 further comprising at least one input/output 

2 device allowing communications with a remotely located platform. 

1 13. The platform of claim 10 further comprising a token link coupled to the 

2 input/output control hub, the token link providing a communication path for a token. 

1 14. The platform of claim 13 wherein the token stores a private attestation key 

2 of the attestation key pair. 

1 15. A platform comprising: 

2 a processor to operate in either a normal execution mode or an isolated execution 

3 mode; 

4 a system memory coupled to the processor, the system memory including an 

5 isolated area and a non-isolated area; 

6 a device in communication with the processor, the device to store an audit log, the 

7 audit log being a listing of data or presenting information loaded into the isolated area of 

8 the system memory; and 

9 a token to generate an attestation key pair to load at least a private attestation key 
10 of the attestation key pair into a protected memory. 

1 16. The platform of claim 15, wherein the protected memory includes a 

2 plurality of single write, multiple-read control registers. 

1 17. The platform of claim 15, wherein the device is an input/output control 

2 nub. 



042390.P8097 



20 



Patent Application 
Express Mail No. EL466333747US 



1 18. The platform of claim 15, wherein the token further generates an 

2 attestation certificate to attest that the private attestation key is stored in protected 

3 memory. 

1 19. A method comprising: 

2 generating an attestation key pair; 

3 storing a private attestation key into hardware-protected memory; and 

4 producing a certificate including the public attestation key to attest that the private 

5 attestation key is stored in the hardware protected memory. 

1 20. The method of claim 19, wherein the hardware-protected memory includes 

2 single-write, multiple-read control registers. 

1 21. The method of claim 1 9, wherein the hardware-protected memory includes 

2 an isolated area of a system memory accessible to a processor when operating in an 

3 isolated execution mode. 

1 22. The method of claim 19, wherein the producing of the certificate occurs at 

2 an initial power-on of the platform. 

1 23. The method of claim 1 9, wherein the producing of the certificate 

. 2 comprises: 

3 booting a platform including the hardware-protected memory from code stored in 

4 a readable medium loaded by an agent; and 

5 executing an applet stored in the hardware-protected memory to generate the 

6 attestation key pair. 
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